Author Topic: BIND DNS Server problem  (Read 186 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
BIND DNS Server problem
« on: October 12, 2017, 11:05:46 AM »
I have problem with starting up BIND DNS Server error it is:
Quote
Oct 12 12:22:01 cbox.biz systemd[1]: named.service: control process exited, code=exited status=1
Oct 12 12:22:01 cbox.biz systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
Oct 12 12:22:01 cbox.biz systemd[1]: Unit named.service entered failed state.
Oct 12 12:22:01 cbox.biz systemd[1]: named.service failed.

If enyone can help will be nice :).

Offline
***
Re: BIND DNS Server problem
« Reply #1 on: October 12, 2017, 01:11:16 PM »
Try to start it from CWP and paste the error from there, or systemctl status named.service or journalctl -xe
Current uptime:
UNIX is a very simple OS, but you have to be a GENIUS to understand it ...

Offline
*
Re: BIND DNS Server problem
« Reply #2 on: October 12, 2017, 02:25:08 PM »
Quote
named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/systemd/system/named.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Thu 2017-10-12 12:22:01 EEST; 5h 1min ago
  Process: 28142 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z /etc/named.conf; else echo "Checking of zo
ne files is disabled"; fi (code=exited, status=1/FAILURE)
Oct 12 12:22:01 cbox.biz bash[28142]: _default/domain/IN: bad zone
Oct 12 12:22:01 cbox.biz bash[28142]: zone domain1/IN: loaded serial 2013071600
Oct 12 12:22:01 cbox.biz bash[28142]: zone domain2/IN: loaded serial 2013071600
Oct 12 12:22:01 cbox.biz bash[28142]: zone domain3/IN: loaded serial 2013071600
Oct 12 12:22:01 cbox.biz bash[28142]: zone domain4/IN: loaded serial 2013071600
Oct 12 12:22:01 cbox.biz bash[28142]: zone domain5/IN: loaded serial 2013071600
Oct 12 12:22:01 cbox.biz systemd[1]: named.service: control process exited, code=exited status=1
Oct 12 12:22:01 cbox.biz systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
Oct 12 12:22:01 cbox.biz systemd[1]: Unit named.service entered failed state.
Oct 12 12:22:01 cbox.biz systemd[1]: named.service failed.
Unit or.service could not be found.
Unit journalctl.service could not be found.
This is with  systemctl status named.service or journalctl.
With systemctl status named.service or journalctl with -xe give me error systemctl: invalid option -- 'x'.
« Last Edit: October 12, 2017, 02:33:58 PM by jeniha »

Offline
***
Re: BIND DNS Server problem
« Reply #3 on: October 12, 2017, 03:42:36 PM »
CentOS 6 or CentOS 7? As I see "Oct 12 12:22:01 cbox.biz bash[28142]: _default/domain/IN: bad zone". Please paste first your /etc/named.conf and later we will see the zones.
Current uptime:
UNIX is a very simple OS, but you have to be a GENIUS to understand it ...

Offline
*
Re: BIND DNS Server problem
« Reply #4 on: October 13, 2017, 05:20:55 AM »
CentOS 7, hmm dosent have permission.
/etc/named.conf permission denied it shows.

Offline
***
Re: BIND DNS Server problem
« Reply #5 on: October 13, 2017, 03:31:27 PM »
Got root? Type "whoami" and see the output if you are not sure. Than open the file as root and show me, if you want can be on PM.
Current uptime:
UNIX is a very simple OS, but you have to be a GENIUS to understand it ...

Offline
*
Re: BIND DNS Server problem
« Reply #6 on: October 13, 2017, 08:50:56 PM »
Quote
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a any DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html

options {
    listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory    "/var/named";
        dump-file    "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };

        /*
  - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
         - If you are building a RECURSIVE (caching) DNS server, you need to enable
           recursion.
         - If your recursive DNS server has a public IP address, you MUST enable acces$
           control to limit queries to your legitimate users. Failing to do so will
           cause your server to become part of large scale DNS amplification
           attacks. Implementing BCP38 within your network would greatly
           reduce such attack surface
        */
    recursion no;
recursion no;

        dnssec-enable yes;
        dnssec-validation yes;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";

        managed-keys-directory "/var/named/dynamic";

        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};
logging {
    channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
    type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";



// zone domain4
zone "domain4" {
                                   type master;
                                        file "/var/named/domain4.db";};
// zone_end domain4

// zone domain4
zone "domain4" {
                                   type master;
                                        file "/var/named/domain4.db";};
// zone_end domain4

// zone domain
zone "domain" {
                                   type master;
                                        file "/var/named/domain.db";};
// zone_end domain

// zone_end domain



// zone domain5
zone "domain5" {
                                   type master;
                                        file "/var/named/domain5.db";};
// zone_end domain5

// zone domain3
zone "domain3" {
                                   type master;
                                        file "/var/named/domain3.db";};
// zone_end domain3
//zone "8.8.8.8" {type master;file "/var/named/8.8.8.8.db";};
//zone "8.8.8.8" {type master;file "/var/named/8.8.8.8.db";};

//zone "ns.nsbox.com" {type master;file "/var/named/ns.nsbox.com.db";};
//zone "ns12.nsbox.com" {type master;file "/var/named/ns12.nsbox.com.db";};


// zone service
zone "service" {
                                   type master;
                                        file "/var/named/service.db";};
// zone_end service
// zone domain2
zone "domain2" {
                                   type master;
                                        file "/var/named/domain2.db";};
// zone_end domain2

Offline
***
Re: BIND DNS Server problem
« Reply #7 on: October 14, 2017, 05:00:58 AM »
I will rewrite your named.conf, so just copy from here, delete everything in your named.conf and paste this:
Code: [Select]
// named.conf
//
// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
// server as a caching only nameserver (as a any DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// See the BIND Administrator's Reference Manual (ARM) for details about the
// configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html

options {
        listen-on port 53 { any; };
        listen-on-v6 port 53 { ::1; };
        directory    "/var/named";
        dump-file    "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        allow-transfer  { any; };
        recursion no;
        dnssec-enable yes;
        dnssec-validation yes;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};

logging {
    channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
    type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";



// zone domain4
zone "domain4" IN {
                                   type master;
                                   file "/var/named/domain4.db";};
// zone_end domain4

// zone domain4
zone "domain4" IN {
                                   type master;
                                   file "/var/named/domain4.db";};
// zone_end domain4

// zone domain
zone "domain" IN {
                                   type master;
                                   file "/var/named/domain.db";};
// zone_end domain

// zone domain5
zone "domain5" IN {
                                   type master;
                                   file "/var/named/domain5.db";};
// zone_end domain5

// zone domain3
zone "domain3" IN {
                                   type master;
                                   file "/var/named/domain3.db";};
// zone_end domain3

//zone "ns.nsbox.com" IN {type master;file "/var/named/ns.nsbox.com.db";};
//zone "ns12.nsbox.com" IN {type master;file "/var/named/ns12.nsbox.com.db";};


// zone service
zone "service" IN {
                                   type master;
                                   file "/var/named/service.db";};
// zone_end service
// zone domain2
zone "domain2" IN {
                                   type master;
                                   file "/var/named/domain2.db";};
// zone_end domain2

Ok. You need to replace "domain, domain2, domain3, domain4, domain5 and service" with real domains like "jeniha.com" or something else which is real. Also you need to rename all the "file "/var/named/domain.db";" to be "file "/var/named/jeniha.com.db";" for example and then to create a proper "jeniha.com.db". I will give you an example "jeniha.com.db" and you will replace "jeniha.com" with your domain.
Code: [Select]
$TTL 14400
jeniha.com.      86400        IN      SOA     ns1.jeniha.com. root.jeniha.com. (
                    2017101401      ; serial, todays date+todays
                    86400           ; refresh, seconds
                    7200            ; retry, seconds
                    3600000         ; expire, seconds
                    86400 )         ; minimum, seconds

;; NS Records
jeniha.com.     IN      NS      ns1.jeniha.com.
jeniha.com.     IN      NS      ns2.jeniha.com.
jeniha.com.     IN      NS      ns3.jeniha.com.
jeniha.com.     IN      NS      ns4.jeniha.com.
jeniha.com.     IN      NS      ns5.jeniha.com.

;; A Records
jeniha.com.    IN      A       77.236.161.244
localhost.jeniha.com.     IN      A       127.0.0.1

;; AAAA Records
jeniha.com.     IN      AAAA    2001:470:1d1b:e5::11

;; MX Records
jeniha.com.       IN      MX      0       jeniha.com.

;; CNAME Records
www           IN      CNAME           jeniha.com.
mail            IN      CNAME           jeniha.com.
ftp              IN      CNAME           jeniha.com.
irc              IN      CNAME           jeniha.com.
Leaving "domain, domain2, domain3, domain4, domain5 and service" will not work properly for outside. If it`s for LAN it will be ok. If you are not using IPv6 remove the whole ";; AAAA Records and jeniha.com.     IN      AAAA    2001:470:1d1b:e5::11". Try like this and tell me what`s going on. Waiting for your reply.
Current uptime:
UNIX is a very simple OS, but you have to be a GENIUS to understand it ...

Offline
*
Re: BIND DNS Server problem
« Reply #8 on: October 16, 2017, 10:03:54 AM »
Active: failed (Result: exit-code) since Mon 2017-10-16 13:02:20 EEST; 22s ago
  Process: 75085 ExecStartPre=/bin/bash -c if [ ! "$DISABLE_ZONE_CHECKING" == "yes" ]; then /usr/sbin/named-checkconf -z /etc/named.conf; else echo "Checking of zo
ne files is disabled"; fi (code=exited, status=1/FAILURE)
Oct 16 13:02:20 cbox.biz bash[75085]: /var/named/dbl-bg.com.db:14: ignoring out-of-zone data (dbl-bg.com)
Oct 16 13:02:20 cbox.biz bash[75085]: /var/named/dbl-bg.com.db:16: ignoring out-of-zone data (localhost.dbl-bg.com)
Oct 16 13:02:20 cbox.biz bash[75085]: /var/named/dbl-bg.com.db:18: ignoring out-of-zone data (dbl-bg.com)
Oct 16 13:02:20 cbox.biz bash[75085]: zone dbl-bg.com\032/IN: has 0 SOA records
Oct 16 13:02:20 cbox.biz bash[75085]: zone dbl-bg.com\032/IN: has no NS records
Oct 16 13:02:20 cbox.biz bash[75085]: zone dbl-bg.com\032/IN: not loaded due to errors.
Oct 16 13:02:20 cbox.biz bash[75085]: _default/dbl-bg.com /IN: bad zone
Oct 16 13:02:20 cbox.biz systemd[1]: Failed to start Berkeley Internet Name Domain (DNS).
Oct 16 13:02:20 cbox.biz systemd[1]: Unit named.service entered failed state.
Oct 16 13:02:20 cbox.biz systemd[1]: named.service failed.

hm.

Offline
***
Re: BIND DNS Server problem
« Reply #9 on: October 16, 2017, 05:08:16 PM »
Can you paste here lines 14, 16 and 18 ?
Current uptime:
UNIX is a very simple OS, but you have to be a GENIUS to understand it ...

Offline
*
Re: BIND DNS Server problem
« Reply #10 on: Today at 05:25:45 AM »
Quote
        directory    "/var/named";
        dump-file    "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
Here :).